package com.hsh.filter;
/**
 * @author xrkhy
 * @date 2025/6/27 10:00
 * @description
 */

import com.alibaba.fastjson2.JSONObject;
import com.hsh.pojo.User;
import jakarta.servlet.*;
import jakarta.servlet.annotation.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

@WebFilter(filterName = "/*",urlPatterns = "/*")
public class filter implements Filter {
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
        // ,"/html/receptiondesk/index.html"
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        String uri = req.getRequestURI();
        String contextPath = req.getContextPath();

        // 白名单路径（目录前缀）
        // 登录页面发起登录请求不要拦截。
        String[] whiteDirs = {
                contextPath + "/css/",
                contextPath + "/js/",
                contextPath + "/resource/",
                contextPath + "/ElementUI/",
                contextPath + "/imgs/",
                contextPath + "/login",
                contextPath + "/register",
                contextPath + "/UserPage",
                contextPath + "/UserUpdate",
                contextPath + "/UserDelete",
        };

        // 白名单路径（精确文件）
        String[] whiteFiles = {
                contextPath + "/login.html",
                contextPath + "/register.html",
                contextPath + "/login",
                contextPath + "/register",
                contextPath + "/UserPageCondition"
        };

        // 检查目录白名单
        for (String dir : whiteDirs) {      // 遍历白名单目录列表
            if (uri.startsWith(dir)) {     // 检查请求URI是否以白名单目录开头
                chain.doFilter(request, response); // 匹配则放行请求
                return;                    // 结束当前过滤器的执行
            }
        }

        // 检查文件白名单
        for (String file : whiteFiles) {
            if (uri.equals(file)) {
                chain.doFilter(request, response);
                System.out.println("文件白名单");
                return;
            }
        }

        System.out.println("未进入白名单 进入过滤器");
        // 登录检查
        User user = (User) req.getSession().getAttribute("user");
        if (user == null) {
            // 未登录 调到首页
            System.out.println("未登录");
//            request.getRequestDispatcher("/login.html").forward(request, response);
            httpResponse.sendRedirect(contextPath + "/login.html"); // 携带上下文路径
            return;
        }
        // 已登录放行
        // --- 角色权限检查 ---
        Integer role = user.getRole(); // 从User对象获取角色字段

        if (role == 1) { // 管理员放行所有请求
            System.out.println("已登录管理员路径");
            chain.doFilter(request, response);

        } else{ // 普通用户
            // 仅允许访问 /html/receptiondesk/ 目录
            String receptionDeskPath = contextPath + "/html/receptiondesk/";
            if (uri.startsWith(receptionDeskPath)) {
                System.out.println("已登录普通用户路径");
                chain.doFilter(request, response); // 放行
            } else {
                // 无权限访问其他路径
                System.out.println("已登录未知路径");
                httpResponse.sendRedirect(contextPath + "/html/receptiondesk/index.html"); // 携带上下文路径
//                request.getRequestDispatcher("/login.html").forward(request, response);
            }
        }
    }

    public void init(FilterConfig config) throws ServletException {
    }

    public void destroy() {
    }

}
